| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANaxB-xD31cx8yfH-JnLS4n8Ta9Teka_GO9fhchODv8gAizc0Q@mail.gmail.com>
Date: Tue, 21 Jan 2020 13:11:26 -0800
From: Andrei Vagin <avagin@...il.com>
To: Christian Brauner <christian.brauner@...ntu.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
Serge Hallyn <shallyn@...co.com>, Jann Horn <jannh@...gle.com>,
Oleg Nesterov <oleg@...hat.com>,
Eric Paris <eparis@...hat.com>, stable@...r.kernel.org,
Dmitry Safonov <0x7f454c46@...il.com>,
Adrian Reber <adrian@...as.de>
Subject: Re: [PATCH] ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()
On Sat, Jan 18, 2020 at 4:47 AM Christian Brauner
<christian.brauner@...ntu.com> wrote:
> > > The criu process is started with all capabilities in the root user namespace.
> > >
> > > I don't have time to investigate this issue right now, will provide
> > > more details next Tuesday.
> >
> > Yeah, we've detected the issue. security_capable() indicates success by
> > returning 0 for whatever reason whereas has_ns_capability() returns 1.
> > So the logic was inverted. This is fixed in the new version. Sorry for
> > the noise!
>
> So, I just finished compiling criu and running the test suite on the
> criu-dev branch. The test-suite passes fine after the security_capable()
> braino in my original patch was corrected to security_capable() == 0:
>
> ################## ALL TEST(S) PASSED (TOTAL 178/SKIPPED 16) ###################
Thank you for doing this! Not all CRIU contributors can run all tests. You rock!
>
> Thanks!
> Christian
Powered by blists - more mailing lists